Security

Whoh…! It has been a very long time since I wrote a blog on my site, last blogs were from Ignite, and the 2018 edition is about to start. So time to end the blog silence 🙂

Azure Stack Certificates

Certificates all have there lifetimes fortunately otherwise it will miss it’s goal entirely, so it’s inevitable that we have to rotate some certificates on Azure Stack. I had to rotate the public certificates recently. A public certificate on a multi node Azure Stack POC environment that is of the type Multi SAN Wildcard certificate. Best practice is to have a separate Wildcard certificate for the different roles of Azure Stack but since this is a POC al names are in one certificate. A lot about the Certificate requirements is describe here.

In this blog I am not explaining how to create the CSR or request the certificate, this is just about testing and rotating the public certificate. More details about generating a CSR can be found here

Prepare Certificate folder

Azure Stack expects a certain folder structure for all certificates and some properties on the .PFX file. The test tool will check for this. There is a powershell file on GitHub called CertDirectoryMaker.ps1 that you could use to create the folder structure. Then add your certificates to the right folder. In this case it was simple 1 certificate in all the folders.